Neeed trojan removal instruction

Trend Micro's online scan ("Housecall") tells me I have 3 Troajans. Two are Troj Hooker24.B--one is located in C\windows\winup.exe & one in C\rundll32.exe. Aliases are Trojan.PSW.Hooker.24.B and PWS-gen.Hooker.exe. The other one is Troj Delf.CX. The file is C\windows\wdll.dll. My operating system is XP Pro. I need clear, basic, non-technical jargon, step-by-step instructions for removing them. Have tried many software removal programs with no success (AVG, Trojan Hunter, Spy Hunter, Ad-aware). I am unemployed, and need to do the labor myself (free) if at all possible. House Call says they are "not cleanable". I don't know what the implications of that are. What do I need to do to remove these irritating equines? Thanks for any help you can provide.

 

Out of the apps you mentioned, only TH is a dedicated AT. AV's often cannot delete running processes. It's probably saying it cannot be cleaned because it is not an infected file but actual malware that must be deleted. But the process needs to be stopped in order to be deleted. Did you try a free trial version of TDS? Just be sure to update the signature definition files from the TDS website. I'd try that before attempting manual removal.

The link here should provide you with a means to download TDS.
http://www.wilders.org/anti_trojans.htm

 

Easiest way is to delete the detected files. However you may come into problems if the files are running (which most likely are). So I recommend downloading DiamondCS DelLater. It allows you to set which files to delete when windows reboots. Use this program agaist the detected files, reboot the system, and then look for the files again, they would have been removed.

http://www.diamondcs.com.au/index.php?page=dellater

However they may also be in the autostart registry/startup folders, so download DiamondCS Autostart Viewer, and remove the references to the detected files

http://www.diamondcs.com.au/index.php?page=asviewer

 

Oh, Wow! Thanks, everyone. I'm very impressed with you since I had previously posted on 2 other forums & had gotten no help (in one case still no response at all). Had also written to the pest removal software companies (purchased OR free software) that had failed to detect & remove my trojans. Still no response from any companies. I am an animal lover & would love to donate to your animal cause, Derek. However, because I am unemployed at present, I am not spending for anything extra (charity) beyond what I need since I need to be able to care for the 3 animals I own (and myself). I do think that rescue is very important since I am currently doing a lot of work with a dog rescue group screening applicants to rehome 2 of my mother's dogs. Now onto the computer stuff! While I was waiting to see if I'd get a helpful response from this forum, I read more on it & found the info. about the A2 AT. I downloaded it & it detected & removed the 2 Troj Hooker.24.B's!!!!! Nice program! Two down--one to go. I will download the trial TDS & see what happens with the last trojan. It makes a lot of sense, sig., that the scan was saying that these were "noncleanable" because it was looking for virally infected files to clean & these are maleware files that just need to be removed--also they are running. It was pretty discouraging & alarming at first when I saw "noncleanable", so thanks for the reassurance. Wow, Rod, its good to know about
DelLater--I didn't. Even if TDS doesn't remove my remaining Trojan, I still will want some help with the Hijackthis log. I have it & it has 2 references to a file I downloaded without being aware that the program was tracking my surfing habits (e-scorcher). When I became aware I deleted it, but its on the log. Also had a worse problem with StopSign which as I remember kept reinstalling itself. Its on the log also. And there is yet another program that I thought I deleted. What do I need to do with the log? I'll let you know if TDS gets Troj Delf.CX.

 

Hi dreamcatcherco,

As far as what to do with your HJT log.....

Go HERE and follow the instructions.

Regards,
Kent

 

Thanks Kent. I'll use your link.
When I scanned with TDS3 got no detection of the Troj Delf.CX that "Housecall" found. But before I selected my scan I had something in the alarm section that I didn't know what to do with. It said RegVal Trace: worm.moodown.
Name: hkey_local_machine.
File: software\microsoft\windows\current version\run[ICQNet. . .
Do I need to delete it or save to text